<?php
/*
	Copyright 2006, 2007, 2008, 2009, 2010 Bastiaan Grutters
    
    This file is part of Ages of Strife website.

    Ages of Strife website is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    Ages of Strife website is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with Ages of Strife website.  If not, see <http://www.gnu.org/licenses/>.
 */
include( '../global/initialize.php' );

if( isset( $_POST[ 'button' ] ) && $_POST[ 'button' ] == "save" ) {
	if( isset( $_POST[ 'news_letter' ] ) ) {
		$news_letter = '1';
	}
	else {
		$news_letter = '0';
	}

	if( isset( $_POST[ 'highlight_history' ] ) ) {
		$highlight_history = '1';
	}
	else {
		$highlight_history = '0';
	}

	if( isset( $_POST[ 'auto_refresh' ] ) ) {
		$auto_refresh = '1';
	}
	else {
		$auto_refresh = '0';
	}
	if( isset( $_POST[ 'threaded_letters' ] ) ) {
		$threaded_letters = '1';
	}
	else {
		$threaded_letters = '0';
	}
	if( isset( $_POST[ 'show_medals' ] ) ) {
		$show_medals = '1';
	}
	else {
		$show_medals = '0';
	}
	if( isset( $_POST[ 'officer_suggest_global' ] ) ) {
		$officerSuggestGlobal = '1';
	}
	else {
		$officerSuggestGlobal = '0';
	}
	if( isset( $_POST[ 'show_promotion_tab' ] ) ) {
		$showPromotionTab = '1';
	}
	else {
		$showPromotionTab = '0';
	}
	if( isset( $_POST[ 'end_username' ] ) ) {
		$end_username = '1';
	}
	else {
		$end_username = '0';
	}
	if( isset( $_POST[ 'operations_news' ] ) ) {
		$operations_news = '1';
	}
	else {
		$operations_news = '0';
	}
	if( isset( $_POST[ 'military_news' ] ) ) {
		$military_news = '1';
	}
	else {
		$military_news = '0';
	}
	if( isset( $_POST[ 'civilian_news' ] ) ) {
		$civilian_news = '1';
	}
	else {
		$civilian_news = '0';
	}
	if( isset( $_POST[ 'letters' ] ) ) {
		$letters = '1';
	}
	else {
		$letters = '0';
	}
	if( isset( $_POST[ 'show_village_image' ] ) ) {
		$show_village_image = '1';
	}
	else {
		$show_village_image = '0';
	}
	if( isset( $_POST[ 'inactivity_notification' ] ) ) {
		$inactivity_notification = '1';
	}
	else {
		$inactivity_notification = '0';
	}
	
	if( isset( $_POST[ 'email' ] ) ) {
		$email = formatEmail( $_POST[ 'email' ] );
	}
	else {
		$email = '';
	}
	
	$query = "SELECT email " .
			"FROM users " .
			"WHERE user_id = " . $_SESSION[ 'user_id' ];
	$result = mysql_query( $query ) or die( "Query failed : " . mysql_error() );
	$row = mysql_fetch_array($result, MYSQL_ASSOC);
	if( isset( $row[ 'email' ] ) && $row[ 'email' ] != '' ) {
		$email = $row[ 'email' ];
	}
	
	if( isset( $_POST[ 'army_names' ] ) ) {
		$army_names = formatInput( $_POST[ 'army_names' ] );
	}
	else {
		$army_names = '';
	}
	
	if( isset( $_POST[ 'info' ] ) ) {
		$info = addslashes( formatInputLetter( $_POST[ 'info' ] ) );
	}
	else {
		$info = "";
	}
	
	if( isset( $_POST[ 'language' ] ) && strlen( $_POST[ 'language' ] ) == 2 ) {
		$language = addslashes( $_POST[ 'language' ] );
	}
	else {
		$language = 'en';
	}
		
	$_SESSION[ 'settings_status' ] = "Settings saved";
	$query = "UPDATE users SET email = '$email', army_names = '$army_names', info = '$info', operations_news = '$operations_news', " .
				"military_news = '$military_news', civilian_news = '$civilian_news', " .
				"letters = '$letters', auto_refresh = '$auto_refresh', threaded_letters = '$threaded_letters', show_turns = '$show_turns', news_letter = $news_letter " .
				", show_medals = '$show_medals', end_username = '$end_username', highlight_history = $highlight_history, " .
				"language = '$language', inactivity_notification = '$inactivity_notification', show_promotion_tab = '$showPromotionTab', " .
				"officer_suggest_global = $officerSuggestGlobal, show_village_image = $show_village_image " .
				"WHERE user_id = " . $_SESSION[ 'user_id' ];
	mysql_query( $query ) or die( "Query failed : " . mysql_error() );
	if ( formatInput( $_POST[ 'password_old' ] ) != "" && formatInput( $_POST[ 'password_new' ] ) != "" && formatInput( $_POST[ 'password_confirm' ] ) != "" ) {
		$new_password = formatInput( $_POST[ 'password_new' ] );
		$confirm_password = formatInput( $_POST[ 'password_confirm' ] );
		
		$query = "SELECT password " .
				"FROM users " .
				"WHERE user_id = " . $_SESSION[ 'user_id' ];
		$result = mysql_query( $query ) or die( "Query failed : " . mysql_error() );
		$row = mysql_fetch_array($result, MYSQL_ASSOC);
		if( $row[ 'password' ] == crypt( $_POST[ 'password_old' ], $row[ 'password' ] ) ) {
			if( $new_password == $confirm_password ) {
				$query = "UPDATE users " .
						"SET password = '" . ( $password_crypt = crypt( $new_password ) ) . "' " .
						"WHERE user_id = " . $_SESSION[ 'user_id' ];
				mysql_query( $query ) or die( "Query failed : " . mysql_error() );
				$_SESSION[ 'password' ] = $password_crypt;
				$_SESSION[ 'password_status' ] = "Your password has been changed.";
			}
			else {
				$_SESSION[ 'password_status' ] = "New password doesn't match confirm field!";
			}
		}
		else {
			$_SESSION[ 'password_status' ] = "Your old password does not match!";
		}
	}
	else if ( $_POST[ 'password_old' ] != "" || $_POST[ 'password_new' ] != "" || $_POST[ 'password_confirm' ] != ""  ) {
		$_SESSION[ 'password_status' ] = "You must fill in all 3 password fields";
	}
	
	header( "Location: settings.php" );
}
else if( isset( $_POST[ 'button' ] ) && $_POST[ 'button' ] == "resign_confirm" ) {
	$query = "SELECT start_turn FROM ruler WHERE ruler_id = " . $_SESSION[ 'ruler_id' ];
	$result = mysql_query( $query ) or die( "Query failed : " . mysql_error() );
	$row = mysql_fetch_array( $result, MYSQL_ASSOC );
	$start_turn = $row[ 'start_turn' ];
	$query = "SELECT turn FROM game";
	$result = mysql_query( $query ) or die( "Query failed : " . mysql_error() );
	$row = mysql_fetch_array( $result, MYSQL_ASSOC );
	if( ( isset( $_SESSION[ 'admin' ] ) && $_SESSION[ 'admin' ] == 1 ) || $start_turn + 100 < $row[ 'turn' ] ) {
		if( isset( $_POST[ 'resign' ] ) ) {
			$query2 = "UPDATE ruler SET user_id = -1, active_turn = 0, resigned = 1 WHERE user_id = " . $_SESSION[ 'user_id' ];
			mysql_query( $query2 ) or die( "Query failed : " . mysql_error() );
			
			$query3 = "SELECT army_id FROM army WHERE ruler_id = " . $_SESSION[ 'ruler_id' ];
			$result3 = mysql_query( $query3 ) or die( "Query failed : " . mysql_error() );
			$num = mysql_numrows( $result3 );
			$i = 0;
			while ( $num > $i ) {
				$query = "DELETE FROM army_orders WHERE army_id = " . mysql_result( $result3, $i, "army_id" );
				mysql_query( $query ) or die( "Query failed : " . mysql_error() );
				$query = "DELETE FROM transfer WHERE from_army_id = " . mysql_result( $result3, $i, "army_id" ) . " OR to_army_id = " . mysql_result( $result3, $i, "army_id" );
				mysql_query( $query ) or die( "Query failed : " . mysql_error() );
				$i ++;
			}
			
			$query = "DELETE FROM army WHERE ruler_id = " . $_SESSION[ 'ruler_id' ];
			mysql_query( $query ) or die( "Query failed : " . mysql_error() );
			
			unset( $_SESSION[ 'ruler_id' ] );
			
			header( "Location: ../global/sign_up.php" );
		}
		else {
			$_SESSION[ 'settings_status' ] = "If you really want to resign, select the resign checkbox and press resign again.";
			header( "Location: settings.php" );
		}
	}
	else {
		$_SESSION[ 'settings_status' ] = "You can only resign after atleast 100 ingame days.";
		header( "Location: settings.php" );
	}
}
else {
/*	print( "<pre>" );
	print_r( $_POST );
	print( "</pre>" );
*/	
	$_SESSION[ 'settings_status' ] = "Status: Crazyness!";
	header( "Location: settings.php" );
}
?>